IT security has a major problem—and it’s not cybercriminals. It’s the proliferation of security products, which overwhelms IT admins, making it harder to focus on business growth initiatives. Why is that?
- Architectures are complex due to lack of orchestration between technologies across multiple vendors
- The context needed to make faster and smarter decisions is hidden in multiple consoles with inconsistent alerts
- Processes have friction due to outdated playbooks and broken scripts that require manual upkeep
- Resources are limited due to talent and budget shortages
The reality is that many customers use one or more third-party vendors for at least one layer of security. Traditionally, managing these heterogeneous environments led to conflicting alerts, inconsistent policy management and extra manual processes for IT solution providers.
Cisco SecureX eliminates these security management headaches, and it does it without requiring customers to replace their third-party IT security products.
Cisco SecureX is a cloud-native architecture that combines the industry’s best protection and an excellent user experience. It connects Cisco’s integrated security portfolio (e.g., AMP for Endpoints, DNA, ISE) and your customers’ security infrastructures. SecureX provides a consistent experience that unifies visibility, enables automation, simplifies analytics and strengthens security across the network, endpoints, cloud and applications.
The foundational capabilities of SecureX
At the heart of the SecureX architecture is Cisco Threat Response, an integrated single application built to rapidly detect, investigate and remediate threats. Threat Response aggregates intelligence from Cisco Talos and third-party sources to identify threats throughout customers’ systems, devices and cloud environments. It then seamlessly investigates threats using every tool in your arsenal and automatically documents findings, cutting down on your security ops team’s investigation time by more than 50%. Threat Response also enables security ops response collaboration via a single, user-friendly interface.
Some of the top benefits of SecureX include:
- Operational metrics—Users can see the mean time to detection, mean time to remediation and incident burndown times across all parts of their security portfolio.
- Cross-architecture automation—The SecureX orchestration and automation capabilities use an adapter model (50+ adapters currently available) that allows users to quickly and easily orchestrate across security, networking, IoT, cloud, collaboration and data centers.
- Pre-built playbooks—SecureX comes with several pre-built playbooks to help automate routine processes. Using the phishing playbook, for example, end users can submit a suspicious email to SecureX to get a recommendation of whether it’s malicious or not. If it’s determined to be a threat, the end user is notified of recommended next steps, and an event is generated in SecureX alerting the security team.
- Managed threat hunting—Using a combination of intel and data techniques, SecureX performs multi-domain managed threat hunting across endpoints, cloud and email. High-fidelity threats are confirmed by the Cisco Talos and research teams and communicated to customers through the SecureX activity panel and via email with detailed artifacts, such as targets involved and remediation recommendations.
Unlike other security platforms, SecureX helps customers get value quickly, and getting started is simple. If you have a CloudCenter Orchestrator (CCO) account, log in and add products to SecureX by providing API keys and adding on-prem devices (for firewall and on-prem email solutions). If you don’t have a CCO account, go to the Cisco SecureX site and select the “Create an Account” hyperlink located at the bottom right-hand side of the page.
To learn more, visit Cisco.com/SecureX.